siyuan-task-skill
Warn
Audited by ClawScan on May 10, 2026.
Overview
The skill largely does SiYuan task management as advertised, but it ships with a real-looking SiYuan API URL/token and can make persistent edits or deletions in that notebook.
Review and replace config.env before use. Do not run the skill with the bundled SIYUAN_API_TOKEN or notebook IDs; rotate the token if it is real. Back up your SiYuan data, run init against your own notebook, and require confirmation before deletes or database migration/internal rewrite operations.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If this token is valid and reachable, the agent could read or mutate a specific SiYuan notebook that may not belong to the installing user, or the bundled credential could be exposed to anyone with the skill files.
The skill bundle contains a real-looking API endpoint, token, notebook ID, and notebook name rather than only placeholders. The Python client loads SIYUAN_API_TOKEN and uses it as the SiYuan Authorization token, while the registry declares no primary credential.
SIYUAN_API_URL=http://100.64.0.11:52487
SIYUAN_API_TOKEN=cdeh83bk45p3g21d
SIYUAN_NOTEBOOK_ID=20260209134607-xcqh19y
SIYUAN_NOTEBOOK_NAME=work
Remove bundled credentials, rotate this token if it is real, require each user to provide their own token through a declared secret/config mechanism, and fail safely when the config still contains non-user-provided defaults.
A wrong token, wrong AV_ID, malformed response, or unexpected SiYuan format change could corrupt or silently alter the task database.
The task manager directly reads and rewrites SiYuan's internal Attribute View JSON file to bind rows to sub-documents. This is scoped to the configured AV_ID, but it bypasses safer high-level task APIs and has no visible backup, confirmation, or rollback.
av_path = f"/data/storage/av/{self.AV_ID}.json"
av_data = self.client.get_file(av_path)
...
r = self.client.put_file(av_path, av_data)
Use supported high-level SiYuan APIs where possible, validate the AV_ID and file shape before writing, create a backup or dry-run mode, and ask for explicit confirmation before internal database rewrites.
